WHAT IS CLAIMED IS : 

1 . A method for writing or otherwise changing data in a non-volatile storage device 
supported by a block device driver so as to provide ruggedized operation, the 
method comprising the steps of: 

a. sending a command to the device driver for defining current data contents of the 
storage device as a fall-back state in case of failure; 

b. sending a sequence of one or more commands to the device driver, each command 
potentially changing the data contents of the device; and 

c. sending a command to the device driver for defining the resulting data contents of 
the storage device as a new fall-back state in case of failure. 

2. The method of claim 1 , wherein if a failure occurs after step (a) but before the 
completion of step (c), the device driver rolls back the effects of all said 
commands issued in step (b) and returns the storage device to contain said data 
contents defined as a fall-back state in step (a). 

3. The method of claim 2 in which the device driver identifies data associated with 
said commands conducted after establishing said fall-back state, by establishing 
chains of physical blocks associated with the driver's virtual blocks, and storing 
all new data in said physical blocks, such that said new data is stored in said 
physical blocks that are not the first blocks in said chains of physical blocks. 
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The method of claim 2 in which the device driver identifies data associated with 
said commands conducted after establishing said fall-back state, by associating a 
ruggedness field with each physical block and detecting changes in the value of 
said ruggedness field along chains of physical blocks associated with the driver's 
virtual blocks, such that all new data is in blocks which are positioned after points 
of said changes. 

The method of claim 2 in which the device driver identifies data associated with 
said commands conducted after establishing said fall-back state, by associating a 
generation field with each physical block and maintaining a global generation 
state, such that all new data is in blocks whose generation field equals said global 
generation value. 

The method of claim 1, in which ruggedness capability of the device driver can be 
instructed to be turned on or off. 

A method for writing or otherwise changing data in a unit-based non-volatile 
storage device supported by a block device driver so as to provide ruggedized 
operation, the method comprising the steps of: 

sending a command to the device driver for defining current data contents of the 
storage device as a fall-back state in case of failure; 

sending a sequence of one or more commands to the device driver, each command 
potentially changing the data contents of the device; and 
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c. sending a command to the device driver for defining the resulting data contents of 
the storage device as a new fall-back state in case of failure. 

8. The method of claim 7, wherein if a failure occurs after step (a) but before the 
completion of step (c), the device driver rolls back the effects of all said 
commands issued in step (b) and returns the storage device to contain said data 
contents defined as a fall-back state in step (a). 

9. The method of claim 8 in which the device driver identifies data associated with 
said commands conducted after establishing said fall-back state, by establishing 
chains of physical blocks associated with the driver's virtual blocks, and storing 
all new data in said physical blocks, such that said new data is stored in said 
physical blocks that are not the first blocks in said chains of physical blocks. 

10. The method of claim 8 in which the device driver identifies data associated with 
said commands conducted after establishing said fall-back state, by associating a 
ruggedness field with each physical block and detecting changes in the value of 
said ruggedness field along chains of physical blocks associated with the driver's 
virtual blocks, such that all new data is in blocks which are positioned after points 
of said changes. 

1 1 . The method of claim 8 in which the device driver identifies data associated with 
said commands conducted after establishing said fall-back state, by associating a 
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generation field with each physical block and maintaining a global generation 
state, such that all new data is in blocks whose generation field equals said global 
generation value. 

12. The method of claim 7, in which ruggedness capability of the device driver can be 
instructed to be turned on or off. 

13. A method for enabling a file system to write or otherwise change data in a non- 
volatile storage device supported by a ruggedized block device driver, so as to 
provide ruggedized operation of the file system, the method comprising the steps 
of: 

a. optionally examining each command received by said file system, for determining 
whether said command should be protected from failures; and 

b. for each said command determined to be protected from failures: 

i. sending a command to said device driver for defining current data contents 

of the storage device as a fall-back state in case of failure; 

ii. performing said command received by said file system according to 

algorithms of said file system, possibly generating at least one 
command to said device driver, said at least one command potentially 
changing the data contents of said device; and 

iii. sending a command to the device driver for defining said changed data 

contents of the storage device as a new fall-back state in case of failure. 
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14. The method of claim 13, in which said ruggedized operation of said file system 
can be instructed to be turned on or off. 

15. A method for converting an existing non-ruggedized file system on a non-volatile 
storage device supported by a ruggedized block device driver, into a ruggedized 
file system, the method comprising the steps of: 

a. adding, in the beginning of the file system code implementing each file system 
command which might change data contents of the storage device, new code for 
sending a command to the device driver for defining the storage device's current 
data contents as a fall-back state in case of failure; and 

b. adding, at the end of the file system code implementing each file system 
command which might change said data contents of the storage device, new code 
for sending a command to the device driver for defining the storage device's 
current data contents as a fall-back state in case of failure. 



43 



16. The method of claim 15 in which the resulting ruggedized file system is 
compatible with said existing not ruggedized file system on the same physical 
device, such that either a physical device operated under said ruggedized file 
system can be operated under said existing file system, or a physical device 
operated under said existing file system can be operated under said ruggedized 
file system, without loss of data when changing between one file system and the 
other file system. 

17. A method for a software application to write or otherwise change data on a non- 
volatile storage device, where the storage device is supported by a ruggedized 
block device driver and a file system, so as to provide ruggedized operation of 
the application, the method comprising the steps of: 

a. sending a command to the device driver for defining the storage device's current 
data contents as a fall-back state in case of failure; 

b. sending a sequence of at least one command to the file system, each said 
command potentially changing said data contents of the device; and 

c. sending a command to the device driver for defining the resulting data contents of 
the storage device as a new fall-back state in case of failure. 



44 



18. A method for converting an existing non-ruggedized application using a non- 
volatile storage device supported by a ruggedized block device driver and a file 
system, into a ruggedized application, the method comprising the steps of: 

a. adding, before code sending any sequence of commands to the file system which 
might change the file system's data contents , new code for sending a command to 
the device driver, which defines current data contents of the storage device as a 
fall-back state in case of failure; and 

b. adding, after said code sending any sequence of commands to the file system 
which might change the file system's data contents, new code for sending a 
command to the device driver, which defines current data contents of the storage 
device as a fall-back state in case of failure. 

19. A system providing ruggedized operation of a non-volatile storage device, 
comprising: 

a. physical non-volatile storage media; and 

b. a software block device driver which is ruggedized by itself, independently of a 
file system or other software application using it. 

20. The system of claim 19, in which said physical non-volatile storage media is unit- 
based media. 

21 . The system of claim 19, in which said device driver identifies data associated with 
new operations conducted after establishing a fall-back state, by establishing 



45 



chains of physical blocks associated with the driver's virtual blocks, such that all 
such new data is stored in said blocks which are not the first blocks in said chains. 

22. The system of claim 19, in which said device driver identifies the data associated 
with new operations conducted after establishing a fall-back state, by associating 
a ruggedness field with each physical block and detecting changes in the value of 
said ruggedness field along the chains of physical blocks associated with the 
driver's virtual blocks, such that all new data is in blocks which are positioned 
after said points of change. 

23. The system of claim 19, in which said device driver identifies the data associated 
with new operations conducted after establishing a fall-back state, by associating 
a generation field with each physical block and maintaining a global generation 
state, such that all new data is in blocks whose generation field equals the global 
generation value. 

24. The system of claim 19, in which ruggedness capability of said ruggedized device 
driver can be instructed to be turned on or off. 

25. A system providing ruggedized operation of a file system on a non-volatile 
storage device, comprising the following: 

a. physical non-volatile storage media; 
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b. a software block device driver for operating said storage media ? said device driver 
being ruggedized by itself, independently of the file system or other software 
applications using it; and 

c. a ruggedized file system wherein ruggedness of said file system is achieved by 
using the ruggedized features of said block device driver. 

26. The system of claim 25, wherein said ruggedized file system is compatible with at 
least one non-ruggedized file system on the same physical device, such that either 
a physical device operated under said ruggedized file system can be operated 
under said non-ruggedized file system, or a physical device operated under said 
non-ruggedized file system can be operated under said ruggedized file system, 
without loss of data when changing from one file system to the other file system. 

27. The system of claim 25, in which ruggedness capability of said ruggedized file 
system can be instructed to be turned on or off. 

28. A system providing ruggedized operation of a software application on a non- 
volatile storage device, comprising the following: 

a. physical non-volatile storage media; 

b. a software block device driver for operating said storage media, said device driver 
being ruggedized by itself, independently of the file system or other software 
applications using it; 

c. a file system; and 
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d. a software application, such that ruggedness of said application is achieved by 
using ruggedized features of said block device driver. 
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